Reverse DNS and multiple domains on same IP
Hi.
Can anyone explain to me the correct approach for the following:
I have:
PTR 193.77.83.XXX that resolves to mail.domain1.com
primary mail domain with hostname (SMTP Banner) mail.domain1.com
A record mail.domain1.com that points to 193.77.83.XXX
Since IP can only have one Reverse DNS, how do I set other domains? PTR will not reverse to any of the domains below:
mail.domain2.com
mail.domain3.com
mail.domain4.com
Thank you.
Br,
kd
Re: Reverse DNS and multiple domains on same IP
You only have one reverse IP and that's for the 'primary' domain for the IP address.
Re: Reverse DNS and multiple domains on same IP
Thank you for your reply!
I know for primary. It will resolve. I'm asking for other domains which will not.
I just got a reply from my ISP that PTR record can include multiple domains.
That would be an easy solution, I guess.
Br,
Dali
Re: Reverse DNS and multiple domains on same IP
kdiamond wrote:
> I just got a reply from my ISP that PTR record can include multiple domains.
I don't think so.
If they put several FQDN on a single PTR, DNS will round-robin between them.
Re: Reverse DNS and multiple domains on same IP
Usually you only need to set up the main domain with PTR, SMTP banner, after that your secondary domains should have their MX records pointed to the main domain ... at least that's how I have it
mail.domain1.com PTR 100.110.111.112 (example ip)
mail.domain1.com A 100.110.111.112
domain1.com MX mail.domain1.com
domain2.com MX mail.domain1.com
domain3.com MX mail.domain1.com
Re: Reverse DNS and multiple domains on same IP
Klug wrote:
> kdiamond wrote:
> > I just got a reply from my ISP that PTR record can include multiple domains.
> I don't think so.
> If they put several FQDN on a single PTR, DNS will round-robin between them.
They did it and it works.
PTR record
Thank you
Last edited by kdiamond on Fri Apr 16, 2021 11:01 am, edited 1 time in total.
Re: Reverse DNS and multiple domains on same IP
aduzsardi wrote:
> Usually you only need to set up the main domain with PTR, SMTP banner, after that your secondary domains should have their MX records pointed to the main domain ... at least that's how I have it
> mail.domain1.com PTR 100.110.111.112 (example ip)
> mail.domain1.com A 100.110.111.112
> domain1.com MX mail.domain1.com
> domain2.com MX mail.domain1.com
> domain3.com MX mail.domain1.com
Thank you
I will do that also, it can not hurt I guess.
Br,
Dali
Re: Reverse DNS and multiple domains on same IP
kdiamond wrote:
> Klug wrote:
> > kdiamond wrote:
> > > I just got a reply from my ISP that PTR record can include multiple domains.
> > I don't think so.
> > If they put several FQDN on a single PTR, DNS will round-robin between them.
> They did it and it works.
Nope.
They actually did it, if you use nslookup or dig or an online resolver, you'll get all four PTR at a time.
But any normal app (not a resolver) will only get one per request.
So if you're lucky your app (distant MTA) will get the good one, if you're not, it'll get a FQDN with no link to the domain it tries to talk to.
And the HELO/EHLO message won't be the correct one (HELO/EHLO is always the same and will be different from the PTR).
It's exactly the same as for A records (instead of PTR).
You can have several IPs for a single FQDN, dig or nslookup or a resolver will show all of them.
But your browser will only get one of them (sent by its resolver) and use only one (until next request/TTL).
$ dig +short zimbra.com
3.213.46.189
3.213.215.90
The "correct" way is to set up a single FQDN and set it up correctly: use the FQDN as Zimbra server name (so you get a correct HELO/EHLO), correct PTR with this FQDN and set it up as first MX for your domains.
Don't forget to set up another MX (at least) with lower priority.
We have dozens of domains set up that way and it works flawlessly.
Re: Reverse DNS and multiple domains on same IP
> The "correct" way is to set up a single FQDN and set it up correctly: use the FQDN as Zimbra server name (so you get a correct HELO/EHLO), correct PTR with this FQDN and set it up as first MX for your domains.
> Don't forget to set up another MX (at least) with lower priority.
> We have dozens of domains set up that way and it works flawlessly.
Thank you for a detailed explanation! What you're saying makes sense. I'm a noob with DNS, so I rather ask twice. So if I understand you correctly, you are saying that multiple PTR records are no good practice and can rather hurt that benefit? Better to have just a single one?
Does that mean the check tools like https://mxtoolbox.com/diagnostic.aspx will always show an error for all secondary domains?
So to use your method in practice would be like?:
Primary domain
Primary domain: mail.domain1.com
IP PTR resolves to: mail.domain1.com
IP A mail.domain1.com
domain1.com MX(10) mail.domain1.com
Secondary domain(s):
IP A mail.domain2.com
domain2.com MX(10) mail.domain2.com
domain2.com MX(20) mail.domain1.com
Would that be your suggestion? If I got it wrong please correct me.
Thank you very much.
Br,
kd
Re: Reverse DNS and multiple domains on same IP
kdiamond wrote:
> So if I understand you correctly, you are saying that multiple PTR records are no good practice and can rather hurt that benefit? Better to have just a single one?
Yes.
kdiamond wrote:
> Does that mean the check tools like https://mxtoolbox.com/diagnostic.aspx will always show an error for all secondary domains?
I think it would be ok, see below.
kdiamond wrote:
> Primary domain
> Primary domain: mail.domain1.com
> IP PTR resolves to: mail.domain1.com
> IP A mail.domain1.com
> domain1.com MX(10) mail.domain1.com
Mostly, it lacks a secondary MX (that needs to be another server, even better in another subnet/datacenter).
kdiamond wrote:
> Secondary domain(s):
> IP A mail.domain2.com
> domain2.com MX(10) mail.domain2.com
> domain2.com MX(20) mail.domain1.com
Nope.
I'd do this:
Secondary domain(s):
domain2.com MX(10) mail.domain1.com
domain2.com MX(20) anotherserver.domain1.com
The idea is to declare your mail server only once, in one domain.
Then use it for every domain.
If you had a third domain, it would be:
Third domain(s):
domain3.com MX(10) mail.domain1.com
domain3.com MX(20) anotherserver.domain1.com
And so on for all the domains.
If you use mxtoolbox diagnostic with such a setup, you will only test mail.domain1.com, because it's the only way the server is known.
There won't be a "reverse mismatch", hostname will be valid, if this is the FQDN of your Zimbra's server you'll have the correct SMTP banner.
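The two layouts discussed in this thread, compared with the reverse/forward/HELO consistency check a receiving mail server typically applies. This is an added example, not code posted by anyone in the thread. The records are constructed from the thread's placeholder names, 192.0.2.25 is a documentation address, and the model assumes the receiver uses whichever PTR name comes first in an answer whose order is not fixed.

```python
# Added example: constructed DNS data, no network lookups.
IP = "192.0.2.25"            # documentation address standing in for the server IP
HELO = "mail.domain1.com"    # server FQDN, also its SMTP banner / HELO name
DOMAINS = ["domain1.com", "domain2.com", "domain3.com", "domain4.com"]

# Layout recommended in the thread: one PTR, every domain's MX names the same host.
SINGLE = {
    "ptr": {IP: [HELO]},
    "a": {HELO: [IP]},
    "mx": {d: [(10, HELO), (20, "anotherserver.domain1.com")] for d in DOMAINS},
}
# Layout the ISP set up: four PTR names on the one address, one mail host per domain.
MULTI = {
    "ptr": {IP: ["mail." + d for d in DOMAINS]},
    "a": {"mail." + d: [IP] for d in DOMAINS},
    "mx": {d: [(10, "mail." + d)] for d in DOMAINS},
}

def check_client(zone, ip, helo, pick=0):
    """Findings for one inbound connection; `pick` is which PTR name came first."""
    names = zone["ptr"].get(ip, [])
    if not names:
        return ["no PTR record"]
    name = names[pick % len(names)]
    findings = []
    if ip not in zone["a"].get(name, []):
        findings.append(f"{name} does not resolve back to {ip}")
    if name != helo:
        findings.append(f"HELO {helo} differs from PTR {name}")
    return findings

def audit(zone, ip, helo):
    """Run check_client once per possible answer order; map PTR name -> findings."""
    names = zone["ptr"].get(ip, [])
    return {n: check_client(zone, ip, helo, i) for i, n in enumerate(names)}

def mx_not_on_helo(zone, helo):
    """Domains whose most-preferred MX is some name other than the HELO host."""
    return sorted(d for d, mx in zone["mx"].items() if min(mx)[1] != helo)

if __name__ == "__main__":
    for label, zone in (("single PTR", SINGLE), ("four PTRs", MULTI)):
        print(label, audit(zone, IP, HELO), mx_not_on_helo(zone, HELO))
```

With the single-PTR layout every check comes back clean; with four PTR names, three of the four possible first answers produce a HELO mismatch even though each name is forward-confirmed.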